DDoS Attacks “On Hire” Becoming Commonplace

By Paul Liu
Saturday, November 19th, 2016

---

Distributed Denial of Service (DDoS) attacks have become an integral part of the internet landscape over the last few years. They are mostly used by hackers, criminals and even activists to overwhelm the traffic handling capacity of a website or a network and render it unusable from a few hours to few days. However, in a news that is sure to alarm people who use internet’s infrastructure to conduct business or reach their target audience, large scale DDoS attacks are now also available “On Hire”. Hackers offering such services have access to one or more botnets (network of computers that have been infiltrated via trojans) which can quickly be channeled to carry out large scale attacks.

Incapsula, a cloud based security and online delivery platform, calculated just over a year ago that DDoS-for-hire services were available for a small sum of $38 an hour. However, the company recently came across campaigns on the popular marketplace Fiverr that were offering DDoS attacks for as little as 5 bucks. Although, these offers were advertised as testing campaigns which allowed buyers to test their own sites against DDoS attacks, in reality buyers could direct the attacks against any website (including competitors’ sites). When contacted by Incapsula staff, a seller offering the service admitted that the attacks could be carried out against any website or service except government, state or hospital sites. After this communication, Incapsula alerted Fiverr which was quick to suspend all campaigns offering DDoS services. Interestingly, Fiverr suffered a large DDoS attack soon after that and its website was inaccessible for almost 5 hours.

It is estimated that DDoS attacks last an average of 54 minutes and cause $22,000 worth of damage every minute. Such attacks can also affect millions of ordinary people if they are directed against financial or bank websites, ecommerce sites or information sites that are used by scores of people. Furthermore, these attacks not only cause financial damage to the affected company, they may also result in data theft, loss of trust and even theft of intellectual property. As per a recent survey, gaming servers are the biggest targets of DDoS attacks which makes sense considering that gaming has steadily moved to online playing model in the recent years. While most affected websites are able to resume normal operations within a day or two, for some it can take even weeks to get back on their feet. With the availability of DDoS service on hire, this bloodbath is set to get even more brutal.

If you run an online business, taking precautionary steps against DDoS attacks is extremely important. There are many companies offering cloud based protection that can deal with DDoS attacks comprising of hundreds of GBPS of traffic. Considering that botnets are relentless and are likely to re-target a site within a matter of days, it makes sense to take preventive measures against attacks that can send hundreds of thousands of requests per second against your website. Unfortunately, there is no bulletproof solution against DDoS attacks but it certainly makes sense to mitigate the associated risks.

---

• VPN Articles and News

November 19, 2016

• 0 Comments
• Leave Comment